Some thoughts:<p>1. Google's threat model may not be your threat model, and it definitely isn't the threat model of my daughter's school. A corporation like Google may be concerned using native applications, written in unsafe languages, written by developers from other corporations in China. That said, Zoom isn't wrong for everyone.<p>2. Google is motivated to push their own solution for obvious reasons.<p>3. Tavis, or others, at Project Zero might know some things, maybe we'll find out.
(disclaimer: I work at El Goog)<p>A number of companies have rightfully banned Zoom's native apps, given how insecure they are. I had previously uninstalled it when the news about the secret web server they install came out. Google is still allowing use of the web app, but the web app bizarrely doesn't support Grid/Gallery View, which is the main reason my friends/family wanted to use it.<p>Hangouts Meet was optimized for work meetings where most people would be dialing in from high-bandwidth meeting rooms, not everyone individually dialing in from home, but hopefully now they've heard the loud feedback about the especial usefulness of Gallery View during quarantine times and will introduce the feature soon.<p>For now I'm using the Chrome extension that enables this feature client-side using JS/CSS, and staying tf away from Zoom. With how little I used Zoom before quarantine, I don't understand the adoration for it (I found its UI confusing and quality similar to other tools), and I haven't been able to find any benchmarks comparing its video quality for people on less good internet connections (my home network is pretty strong).
"Employees who have been using Zoom to stay in touch with family and friends can continue to do so through a web browser or via mobile."<p>(Disclosure: I work for Google, speaking only for myself)
Zoom has a not very well published chrome app (intended for chromebook users). You can install it in normal chrome and it gives you a much better experience than the web version without all the issues of the desktop app.<p>I trust zoom a lot more when it is running inside a chrome sandbox than as a native app.
I mean, Google bans MS Office from employees' computers as well (with special-case exceptions), so they use Docs instead. Since Google has Meet (Hangouts), this isn't really surprising.<p>It mainly sucks for when an employee (especially in sales) has a call with a client that uses Zoom and can't use Meet, because then you're forced to dial in, which just puts you at a disadvantage when everyone can see everyone's face except yours.<p>Edit: per comments, people can still use the browser version of Zoom, so doesn't seem that bad.
God please don't make me use a non-zoom video conferencing tool!<p>I have used about a dozen over the years in my role as a consultant, and Zoom has been by far the most reliable. I’m hopeful lots of good can come from the scrutiny, but please Zoom get your act together so I don’t have to use some other buggy thing that doesn’t actually work.
Same in my org. Employees cannot setup Zoom meetings but can join meetings set by others from outside the org but only via browser. Zoom apps are banned and all installed apps in managed devices will be removed by IT.
Zoom's issues are fixable... unlike a hardware defect like the macbook pro keyboard and the iphone antenna that didn't work well... Zoom is clearly better than the alternatives and has my 80 year old uncle talking about it. This too shall pass.
You can make joining via the web an option. No app install required. Details at <a href="https://support.zoom.us/hc/en-us/articles/115005666383-Show-a-Join-from-your-browser-Link" rel="nofollow">https://support.zoom.us/hc/en-us/articles/115005666383-Show-...</a><p>Note, works best in Chrome (likely Chromium) based on what the docs say.
Must be nice to be an upstart. You have a throng of tech savvy people to defend you at best and forgive you at worst.<p>If this was a Microsoft/Google product it would be pilloried to death.
I work at a large corp, our own in house video conf went down for a few hours. Our backup conference system also tied to same system of course went down. Rather than postpone meetings we took them on zoom. It just works and I hope they get over this security issue and start ramping up their feature set.
Is it not common for companies to control what apps are installed on corporate computers, and where company data is stored (cloud providers, etc)? I get the whole Zoom backlash, but this is taking a specific instance of company and app and harvesting clicks.
I'm seeing references to Zoom "getting over these security issues". Some of the issues (e.g. not requiring passwords) can be relatively easily addressed. Others, like transmitting symmetric encryption keys over the wire and storing them in databases in China, are more fundamental to Zoom's corporate strategy. I doubt Zoom would change the most jarring of their security gaffes in a way that would satisfy security-focused companies like Google.
It doesn’t matter what your personal threat model is: these videoconferencing apps have become de facto critical infrastructure for many countries almost overnight with no scrutiny and a joke security posture, because the IRL channels they replace are unavailable. This has dire implications for all of us, both in terms of espionage and the potential for massive disruption.<p>Threat modelling is fine for your home security, but it is now dangerously anachronistic when evaluating anything connected to the internet. One solution would be to at least educate people about the need for a security mindset on a massive scale, or at worst craft some laws to force it.<p>I’m sure there are many people who would accept the risks of drink driving: we don’t let them.
I just wish Slack didn't use so much firepower on my machine, it seems to make my Macbook pro 2015's fan go wild and the CPU to spike, and it seems to "rot" over time, and get worse.
I put together instructions for creating an install-free dock icon for Zoom. Nothing ground breaking here, I just combined several sets of instructions I found useful.<p><a href="https://blog.joeldare.com/creating-an-install-free-dock-icon-for-zoom-on-mac/" rel="nofollow">https://blog.joeldare.com/creating-an-install-free-dock-icon...</a><p>Zoom stopped the browser login from working for a few days, but it seems to be back working now.
A more existential question is why the <i></i><i></i> Google and MSFT with 'All the King's Horses and All the King's Men' can't make a <i>basic, reliable, video conf</i>.<p>I understand there are some business reasons here and there (MS wants people on Teams not Skype) but it doesn't matter.<p>'Basic Video' should be as common, robust and reliable as making a phone call.
Can someone with more experience using Jitsi comment on benefits/limitations for use at work? We typically have 2-5 people on calls but occasionally up to 20. I tried it a bit with 1-1 calls and it was pretty great but I'm assuming there are some limitations vs Zoom to be aware of.
I prefer Zoom primarily because of two things:<p>1. We used google meet a lot, but it's very CPU intense and also does not run in Safari so I have to start Chrome to run it
2. It's a better UI and Video Conf experience, hands down.<p>I realize that it has issues but nothing truly major as far as I can see.
A question: I have avoided installing the native macOS Zoom client, but I use the iOS native app on my iPhone. Does the iOS app have the same vulnerabilities as the macOS native app? I searched in these comments for ‘iOS’ to see if someone already discussed this. Thanks.
Is there any technical merit to this ban? Why would forcing use of web version mitigate any concerns? (The concerns I have heard are lack of proper end-to-end encryption, servers in China and the possibility to join chatrooms by guessing a name (zoom-bombing)).
If the tech community can't prioritize security over features, it's pretty rich for same community to declare that the "average joe" doesn't care about security.
Why Zoom is making so many silly mistakes. They should take advantage of this situation instead they are blowing up. Every time they apologies or make statement trust has been lost.
Other large technology companies that manufacture stuff but are not Chinese have made the same decision.<p>I write like this because I am not sure what I can disclose.
What's surprising to me is that it <i>was</i> allowed before. They have had their own videochat solution for years, so I would expect the usual "eat your own dogfood" approach.
I don't like zoom either, but what exactly made them the HN punching bag of the month? Ad/surveillance giants like Google or FB are typically spoken of with notes of reverence and awe on here. Zoom gets lit-up for sending data to FB, but FB gets a pass? I don't know I just can't get into the mood. <i>extinguishes torch in moat</i>.
I interviewed at Google a while back for an SRE position working with the Hangouts team. My first interview was in another office and the audio in Hangouts session would not start. We ending up having to move on to the next interview. I'm not surprised even Google employees don't use it.
Google banning it is almost an endorsement for me. Anything the Chocolate Factory hates can't be all that evil.<p>Joking asides, this is a weak way to promote the fact they have a competing tool.